www.ghemassagekaitashi.com Open in urlscan Pro
13.228.81.39 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ghemassagekaitashi.com/
Submission: On November 24 via api (November 24th 2024, 10:26:25 pm UTC) from US — Scanned from SG

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 53 HTTP transactions. The main IP is 13.228.81.39, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.ghemassagekaitashi.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 14th 2024. Valid for: 3 months.

This is the only time www.ghemassagekaitashi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.228.81.39 13.228.81.39	16509 (AMAZON-02) (AMAZON-02)
1	74.125.24.95 74.125.24.95	15169 (GOOGLE) (GOOGLE)
13	13.35.238.29 13.35.238.29	16509 (AMAZON-02) (AMAZON-02)
1	172.253.118.97 172.253.118.97	15169 (GOOGLE) (GOOGLE)
2	57.144.144.128 57.144.144.128	32934 (FACEBOOK) (FACEBOOK)
7	184.50.85.169 184.50.85.169	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
17	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
2	18.143.120.180 18.143.120.180	16509 (AMAZON-02) (AMAZON-02)
1	74.125.200.102 74.125.200.102	15169 (GOOGLE) (GOOGLE)
2	142.251.175.102 142.251.175.102	15169 (GOOGLE) (GOOGLE)
6	57.144.144.1 57.144.144.1	32934 (FACEBOOK) (FACEBOOK)
2 2	54.151.206.154 54.151.206.154	16509 (AMAZON-02) (AMAZON-02)
53	12

1 13.228.81.39 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com

www.ghemassagekaitashi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.35.238.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-238-29.sin2.r.cloudfront.net

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.144.144.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin11.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.50.85.169 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-50-85-169.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.143.120.180 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-120-180.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f102.1e100.net

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 57.144.144.1 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin11.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.151.206.154 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-206-154.ap-southeast-1.compute.amazonaws.com

static.ladipage.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com	360 KB
13	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 83611	1 MB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	142 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	631 B
2	ladipage.net 2 redirects static.ladipage.net — Cisco Umbrella Rank: 159190	297 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 96666	651 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
1	google.com docs.google.com — Cisco Umbrella Rank: 109	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	ghemassagekaitashi.com www.ghemassagekaitashi.com	41 KB
53	12

	Domain	Requested by
17	fonts.gstatic.com	fonts.googleapis.com
13	w.ladicdn.com	www.ghemassagekaitashi.com w.ladicdn.com
7	analytics.tiktok.com	www.ghemassagekaitashi.com analytics.tiktok.com
6	www.facebook.com	www.ghemassagekaitashi.com
2	static.ladipage.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com
2	a.ladipage.com	w.ladicdn.com
2	connect.facebook.net	www.ghemassagekaitashi.com connect.facebook.net
1	docs.google.com	w.ladicdn.com
1	www.googletagmanager.com	www.ghemassagekaitashi.com
1	fonts.googleapis.com	www.ghemassagekaitashi.com
1	www.ghemassagekaitashi.com
53	12

This site contains no links.

Subject Issuer	Validity	Valid
www.ghemassagekaitashi.com ZeroSSL RSA Domain Secure Site CA	`2024-11-14` - `2025-02-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2024-09-12` - `2025-10-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M03	`2024-04-17` - `2025-05-16`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ghemassagekaitashi.com/
Frame ID: FBD64BDD1542D59733EB12BA5F872778
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GHẾ MASSAGE KAITASHI KS-112

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

1970 kB
Transfer

4188 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://static.ladipage.net/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg HTTP 301
https://w.ladicdn.com/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg

Request Chain 52

https://static.ladipage.net/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg HTTP 301
https://w.ladicdn.com/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg

53 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ghemassagekaitashi.com/ 199 KB
41 KB 120ms
6ms Document
text/html 13.228.81.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghemassagekaitashi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.81.39 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-81-39.ap-southeast-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8298d0c3a2ece9dc3d1a2bf3a2b8899158e9e7f996c2179fe8b37a88150d4b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 24 Nov 2024 22:26:19 GMT
server: openresty
statuscode: 200
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
2 KB 19ms
8ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&family=Barlow+Condensed:wght@400;700&family=Oswald:wght@400;700&family=Trirong:wght@400;700&family=Tinos:wght@400;700&display=swap

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

a69274182ba0a73df30bff301fa319d846760b629cc78357b89826ba6d61f110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 22:26:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 22:26:19 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 24 Nov 2024 22:26:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 ladipagev3.min.js Show response
w.ladicdn.com/v4/source/ 412 KB
97 KB 19ms
4ms Script
text/javascript 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1731311793243
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 72b65e50a20885aaaaf1f8f42a67501fe92f8d88659f74c7775e79ff7b92833c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 224678
access-control-allow-methods: GET
expires: Sat, 22 Nov 2025 08:01:41 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 5FRQvGi6q2DwKR75JSkc_Y_U_Wxqf-LZm2HE7BTIG3IOrmVEkLxs5w==
date: Fri, 22 Nov 2024 08:01:41 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
108 KB 34ms
21ms Script
application/javascript 172.253.118.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QWJ7CM8KME

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7d9f021cc2bc112fe79b5ce11448b9565ff308bc445840e1ac89babcddc6a516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 24 Nov 2024 22:26:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 22:26:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109742
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 notify.svg
w.ladicdn.com/source/ 2 KB
867 B 22ms
8ms Image
image/svg+xml 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/source/notify.svg?v=1.0
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 6225469
access-control-allow-methods: GET
expires: Sat, 13 Sep 2025 21:08:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: -TG_QEmOel8vCGyIPQs1ZQb4v1imOZ38Ebqyfyf3j5QLDDk_jrR4rA==
date: Fri, 13 Sep 2024 21:08:30 GMT
content-type: image/svg+xml
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 245 KB
62 KB 22ms
9ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Resource Hash

1aece686ac161180b8b90259b6ddf269cd9ab7a893ca3fd36d2d2d17deaf6be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-LcLTadW0' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 22:26:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-LcLTadW0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4453, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: TFkHmNfCBVlHDpP7XfjDZisCXCmoo9QSvewW2xmxBko5nemhLgJEqes9rPXNx8Y5H8zoia7UjEqdhMtZXTEcmw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 63583
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 284ms
248ms Script
application/javascript 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CB4IMK3C77UBOJFJDCFG&lib=ttq
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ca28f0f5d3f5076540286bd2d13ba08708f02bc5a1e8b312606ac494cedbe367

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-218-223-80.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires: Sun, 24 Nov 2024 22:26:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=216, origin; dur=27, inner; dur=20
x-cache: TCP_MISS from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 6a855262.8aa5209
x-tt-trace-host: 01919764b5f5c9599352f139a013031a338abac514943fe356ffde37f3dbf02fe6e7d12021709471f89b43c53e3d1658f1163f2573c90e0606637200ed21f9a53cf30366a470e4bdcb1658866500c6e70cbd4f57d5e47c07b3b8bf7f78da830e8375ceb24b156af3f69b2220288fb697d6
x-origin-response-time: 27,23.218.223.80
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2411242226207F2B5BD4C62588C16D31-5273E2E57C14D3CD-00
content-length: 1834
x-parent-response-time: 242,96.17.180.183
x-tt-logid: 202411242226207F2B5BD4C62588C16D31
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 268ms
233ms Script
application/javascript 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE3KJTRC77UAS1JJAR70&lib=ttq
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 17fa126bfc847b6b17e95b29180143e025f7a2d5842ac46cb7221e6f367140ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-100-142.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
expires: Sun, 24 Nov 2024 22:26:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=210, origin; dur=7, inner; dur=3
x-cache: TCP_MISS from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: d1ddad60.8aa520f
x-tt-trace-host: 01919764b5f5c9599352f139a013031a338abac514943fe356ffde37f3dbf02fe601187fbeaa838e30f5ef803490fb2375c322b54305e08a35dbb9b053d2dbf85a6f6d24481c1a197b6d447fd478f3cfc7e29c7ab106167965274f9332f35022ba9612c2b062675cfdff6c85ab4d0f76ce
x-origin-response-time: 7,23.48.100.142
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241124222620F25EA68731FFC6B89610-421926808953CFCE-00
x-parent-response-time: 217,96.17.180.183
x-tt-logid: 20241124222620F25EA68731FFC6B89610
server: nginx

GET
DATA 200
OK truncated
/ 160 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ae27f3935db37745b8fcd6ff99b0e45ba029904d7d8c9564ee6dc84c12c95e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3jWuZEC.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 13 KB
13 KB 54ms
33ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3jWuZEC.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&family=Barlow+Condensed:wght@400;700&family=Oswald:wght@400;700&family=Trirong:wght@400;700&family=Tinos:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

9dbbaa9e884efd355c99d77730d93cce026c7a39fa50717e87de85b638007a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 50634
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 08:22:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 08:22:26 GMT
last-modified: Tue, 19 Apr 2022 18:42:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13692
x-xss-protection: 0
server: sffe

GET
H3 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 21 KB
21 KB 58ms
38ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 213074
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 11:15:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 11:15:06 GMT
last-modified: Tue, 19 Apr 2022 18:46:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21440
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/ 69 KB
69 KB 53ms
33ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

516507425d7f314a4731db8a6848b8d584326bad9cc47dbffa4052faf90de11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 597331
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 00:30:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 00:30:49 GMT
last-modified: Wed, 06 Nov 2024 17:30:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70768
x-xss-protection: 0
server: sffe

GET
H3 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 59ms
40ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 26127
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 15:10:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:10:53 GMT
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21444
x-xss-protection: 0
server: sffe

GET
H3 200 7r3GqXNgp8wxdOdOn4so2A.woff2
fonts.gstatic.com/s/trirong/v15/ 20 KB
20 KB 78ms
60ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/trirong/v15/7r3GqXNgp8wxdOdOn4so2A.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

8a5aefbfafc4dea69fd7fae1fb0ec0c9ae027c04db207785418fe1ead633de55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 0
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 22:26:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 22:26:20 GMT
last-modified: Thu, 24 Aug 2023 20:27:16 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20772
x-xss-protection: 0
server: sffe

GET
H3 200 buE4poGnedXvwjX7fmQ.woff2
fonts.gstatic.com/s/tinos/v24/ 27 KB
27 KB 45ms
26ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX7fmQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 99891
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 18:41:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 18:41:29 GMT
last-modified: Tue, 19 Apr 2022 18:53:09 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28080
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 74ms
55ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 61608
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 05:19:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 05:19:32 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 69ms
50ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 26651
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 15:02:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:02:09 GMT
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20200
x-xss-protection: 0
server: sffe

GET
H3 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3nWuZEC.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 7 KB
7 KB 74ms
56ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3nWuZEC.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

3ab394ddf299b43a8d7fd60d12a1e1650a836e378bb97c46db74cf70c7c84cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 50634
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 08:22:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 08:22:26 GMT
last-modified: Tue, 19 Apr 2022 18:21:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6928
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/ 13 KB
13 KB 45ms
28ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

1d9320d0a0261ae7d49bd23062b5077f47cdb1a67bae4daa0c7dc34db89ea46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 82014
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 23:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 23:39:26 GMT
last-modified: Wed, 06 Nov 2024 17:30:36 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13020
x-xss-protection: 0
server: sffe

GET
H3 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2
fonts.gstatic.com/s/oswald/v53/ 6 KB
6 KB 63ms
45ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

31d66284204ab36bfd0b97ed55fcf8e4bbceafa0a8bd46b71f64db8d0ef9d500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 54568
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 07:16:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 07:16:52 GMT
last-modified: Tue, 15 Aug 2023 18:25:00 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6224
x-xss-protection: 0
server: sffe

GET
H3 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
fonts.gstatic.com/s/oswald/v53/ 18 KB
18 KB 71ms
55ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

a2af879c9d863ff503ebd89ef251c9d8caa2c8063f097c29e31856e27aca2630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 603412
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 22:49:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 22:49:28 GMT
last-modified: Tue, 15 Aug 2023 18:23:36 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18716
x-xss-protection: 0
server: sffe

GET
H3 200 7r3GqXNgp8wxdOdOn4Qo2JZg.woff2
fonts.gstatic.com/s/trirong/v15/ 11 KB
11 KB 69ms
51ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/trirong/v15/7r3GqXNgp8wxdOdOn4Qo2JZg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

fa7e06ce19f28ec02a2dd098b0dc872e8a7f8c956623aaf9204041da8106b1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 25077
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 24 Nov 2025 15:28:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 15:28:23 GMT
last-modified: Thu, 24 Aug 2023 20:02:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10892
x-xss-protection: 0
server: sffe

GET
H3 200 buE4poGnedXvwjX1fmRR8Q.woff2
fonts.gstatic.com/s/tinos/v24/ 47 KB
47 KB 65ms
48ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX1fmRR8Q.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

5695ec60ce2144f9d6a79c9af68a914d1a922e13d801aca4e896034b187e305a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 598151
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 00:17:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 00:17:09 GMT
last-modified: Tue, 19 Apr 2022 19:58:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48420
x-xss-protection: 0
server: sffe

GET
H3 200 buE4poGnedXvwjX0fmRR8Q.woff2
fonts.gstatic.com/s/tinos/v24/ 10 KB
10 KB 64ms
47ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX0fmRR8Q.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

827de746cd83d2e4e5e1368b7ba0eba402d6d3d7a6ade6a9577cb200f53b7c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 140401
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 07:26:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 07:26:19 GMT
last-modified: Tue, 19 Apr 2022 19:01:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10384
x-xss-protection: 0
server: sffe

GET
H3 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6x_T2kn3.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 13 KB
13 KB 42ms
26ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6x_T2kn3.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

af37ac52e94a76baa8c37ef1d5315e6c57ab512c9448cbf85b238ede6ae56b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 596369
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 00:46:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 00:46:51 GMT
last-modified: Tue, 19 Apr 2022 18:25:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12864
x-xss-protection: 0
server: sffe

GET
H3 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6x7T2kn3.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 7 KB
7 KB 43ms
27ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6x7T2kn3.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

42fb8115c0b5e9d4b569b4694ccc582b14b1924c115fd65e580a4a6864d9c3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.ghemassagekaitashi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 603378
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 22:50:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 22:50:02 GMT
last-modified: Tue, 19 Apr 2022 18:29:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6656
x-xss-protection: 0
server: sffe

GET
H2 200 flashsale-la-gi-vao-nhung-ngay-nao-cach-san-flashsale22-20230420141830-ixkn-.png
w.ladicdn.com/s450x400/5dadc2a03bf9ab4ea2cc8ccb/rbg/ 166 KB
166 KB 8ms
6ms Image
image/png 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x400/5dadc2a03bf9ab4ea2cc8ccb/rbg/flashsale-la-gi-vao-nhung-ngay-nao-cach-san-flashsale22-20230420141830-ixkn-.png
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: cf0bf63462664a05ce7970d2244c0795c49372d8f4f00b70a58fe5e4aa6f5c4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 3349955
access-control-allow-methods: GET
expires: Fri, 17 Oct 2025 03:53:44 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: UC8p-2F_2a-hkc_iI23kDIXWV6tf0ZNXmk4pFwrRLlbDQkH3GCdaMw==
date: Thu, 17 Oct 2024 03:53:44 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 z6033084909824_26992ca55a3cdb36d1ab0773b69c4bb7-20241114142615-rbbyp.jpg
w.ladicdn.com/s750x950/5dadc2a03bf9ab4ea2cc8ccb/ 78 KB
79 KB 8ms
7ms Image
image/jpeg 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s750x950/5dadc2a03bf9ab4ea2cc8ccb/z6033084909824_26992ca55a3cdb36d1ab0773b69c4bb7-20241114142615-rbbyp.jpg
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: e4d5b882c6f3847773ff5660c0bba10cb66481536e0598041d7de63a1a5038a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 892566
access-control-allow-methods: GET
expires: Fri, 14 Nov 2025 14:30:13 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: GDiZXIEcHPgU5V_p2yrOYL1U3N_Zjd2anYVNRPsh_-3FLlFgZEs2HQ==
date: Thu, 14 Nov 2024 14:30:13 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 icon-line-20241114071512-nyol2.png
w.ladicdn.com/s450x350/5dadc2a03bf9ab4ea2cc8ccb/ 6 KB
7 KB 14ms
12ms Image
image/png 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x350/5dadc2a03bf9ab4ea2cc8ccb/icon-line-20241114071512-nyol2.png
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 9fe53194fcc3cdd0970fdcd0114496aeeb718a5f2448eeb8de374745f0b8297e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 918434
access-control-allow-methods: GET
expires: Fri, 14 Nov 2025 07:19:05 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: H7VOz06tAp-LGsNvsi418jfZg9x4UW7OkXBYtIweGoxJ061P78_jQg==
date: Thu, 14 Nov 2024 07:19:05 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 untitled-1-20220806172624.png
w.ladicdn.com/s550x350/6067d81411f37500206502f7/ 288 KB
289 KB 9ms
8ms Image
image/png 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x350/6067d81411f37500206502f7/untitled-1-20220806172624.png
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: dc05250e2f69c3e2365171dbf05b73d80b4e00aa0ba99a98247a4f273842c2f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 6361460
access-control-allow-methods: GET
expires: Fri, 12 Sep 2025 07:21:59 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1QQfEmdrXtL3_V3-MT8aUnQIrXa5iWsFXBsHq5QfgWA51UHmIOkRwg==
date: Thu, 12 Sep 2024 07:21:59 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 0428-xa-hang-20241114071010-38ckq.png
w.ladicdn.com/s450x400/5dadc2a03bf9ab4ea2cc8ccb/ 61 KB
61 KB 64ms
63ms Image
image/png 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x400/5dadc2a03bf9ab4ea2cc8ccb/0428-xa-hang-20241114071010-38ckq.png
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: de5cb7ef8257923dfa927fe0c5b33788b19506a2f45e77e22b14845aa7542886

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 918431
access-control-allow-methods: GET
expires: Fri, 14 Nov 2025 07:19:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: MomLxHgdo3UuHx1Qe8PydzYWP3meGKwG6HdpKSumijaFAMbVE4iPlQ==
date: Thu, 14 Nov 2024 07:19:08 GMT
content-type: image/png
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 1634_ghe_massage_ks_112_avt-20241114071016-n6eo2.jpg
w.ladicdn.com/s500x500/5dadc2a03bf9ab4ea2cc8ccb/ 22 KB
22 KB 13ms
13ms Image
image/jpeg 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x500/5dadc2a03bf9ab4ea2cc8ccb/1634_ghe_massage_ks_112_avt-20241114071016-n6eo2.jpg
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: d5129f52e0bb59972c8b9b6cb2a21d2c7fe2abc533672afc9387b7b66f4ba260

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 894000
access-control-allow-methods: GET
expires: Fri, 14 Nov 2025 14:06:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 857Y8a9ecH2VLMt5VeGHq10HPjVxzAhCThUB2wtk-ocyGjdwXzY6Ew==
date: Thu, 14 Nov 2024 14:06:19 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 1634_ghe-massage-kaitashi-ks-1126-20241114071010-_npph.jpg
w.ladicdn.com/s500x600/5dadc2a03bf9ab4ea2cc8ccb/ 55 KB
56 KB 55ms
54ms Image
image/jpeg 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x600/5dadc2a03bf9ab4ea2cc8ccb/1634_ghe-massage-kaitashi-ks-1126-20241114071010-_npph.jpg
Requested by: Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: a836d8318fc395149390a4a878ee66257a24ab9a837f1c4e9734878762fb84fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 894000
access-control-allow-methods: GET
expires: Fri, 14 Nov 2025 14:06:19 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 6oi5OuVgD77r8Tm4RG3-g7kuwFvTVRKP1iOnd5Y_mudzmuSQQHFKrQ==
date: Thu, 14 Nov 2024 14:06:19 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

OPTIONS
H2 200 event
a.ladipage.com/ 0
0 29ms
3ms Preflight
application/json 18.143.120.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.143.120.180 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-143-120-180.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://www.ghemassagekaitashi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Nov 2024 22:26:20 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ladipage.formdata.min.js Show response
w.ladicdn.com/v4/source/ 128 KB
30 KB 35ms
34ms Script
text/javascript 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v4/source/ladipage.formdata.min.js?v=1731311793243
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1731311793243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: fe6fd2c7d5a4e494e81043979b51f02e63cf8f18a536b9ecad9480b87829c596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 224680
access-control-allow-methods: GET
expires: Sat, 22 Nov 2025 08:01:40 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: VB_z7OUzVlVcpskzJ9wfTIirPfas5ZtvR4_ph8QoTdUZ4dSLdbu3ag==
date: Fri, 22 Nov 2024 08:01:40 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H2 200 tq Show response
docs.google.com/spreadsheets/d/1Yoq34PXZgMrveRb6Tq9kGSHgTAdNM1XnIkY6eKjlB6Y/gviz/ 7 KB
6 KB 352ms
321ms XHR
application/javascript 74.125.200.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/spreadsheets/d/1Yoq34PXZgMrveRb6Tq9kGSHgTAdNM1XnIkY6eKjlB6Y/gviz/tq?tqx=out:json

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1731311793243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f102.1e100.net

Software

GSE /

Resource Hash

5e027f7ddb138eabf032d63c4160b77f389aa4d44375ae8e195dcb08674d67df

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-UhtPv4ADmWpryiN6mEG9pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

x-robots-tag: noindex, nofollow, nosnippet
access-control-expose-headers: Cache-Control,Content-Disposition,Content-Encoding,Content-Length,Content-Type,Date,Expires,Pragma,Server,Transfer-Encoding
content-encoding: gzip
origin-trial: Arlbm3aYP4F8jryBe5TXZ49CJDmGTgEpjkLwYKtvJpvg65pxTRq/0LtrY3S/FMwogUWu6GvOhoCX1WWtJ8wVXQkAAABpeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlVzZXJBZ2VudFJlZHVjdGlvbiIsImV4cGlyeSI6MTY1MDQxMjc5OSwiaXNTdWJkb21haW4iOnRydWV9,AhxcztKp010aBKHVrp22t1Ieo9DBnbz20T+nya5mIJWvQ4DhZYxd51x5CRwWbKMfGXnFipp5sSVJV3TmGYdv4QMAAAByeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IldlYkFzc2VtYmx5SlNTdHJpbmdCdWlsdGlucyIsImV4cGlyeSI6MTczNjgxMjgwMCwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-l2-request-path: l2-managed-6
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: application/javascript; charset=utf-8
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
reporting-endpoints: default="/spreadsheets/d/1Yoq34PXZgMrveRb6Tq9kGSHgTAdNM1XnIkY6eKjlB6Y/web-reports?bl=editors.spreadsheets-frontend_20241112.01_p3&context=eJwV0HtcVVUWB_DtOXttUS5wLw81AwlRSAT0gqQiD3lDGsjkuK_ai-Q6ImYFUr5w8JHDGGlphVIKyFMvGIMRpKIOKBgmYnxEzRCpQF6KpCRoyvzmj-9n7b3OWXutvcd2TQh_soRdhhAu2buQbSaZMkayUnPJjmsk02sly4O_6ySbZC2Zq51k5-DMeMncJ0hmAu3zki2xl8xjkmT5kOAoWbyzZG-44Ew4DU_cJLNwl0wH0z0k2-sp2U69ZJnekn0F-T6SVcyRrHuuZCWBklXDnTDJhqIkq4uWrAVcDZLNBnWpZDbQtEyy27DgdcmWw7U41MALb0s2Jl6y52BWomSh0JuCGcBmvWTX0yTrgtDtki2GOZ9IFgmxuyWLg2twB3Z9KVkWTM2UzAdM-yU7Cc_A8oBky_Iwez7yUFskWTOkHpMsHWzLJJsCtSeRh3mnMCe0Vkt2FxrPSHYLgi6iL4xrkswF2lok6wfTNfSC727g_lBzS7KfYFK7ZJ6Q-btkReDcIZk3lEMN1EELdHXi7WDFsGTJEKQaWCykcAP7CCaONTA3mAGBMKI1MCudgUU4G5iE8dMNzBWuzzawLrCYa2AOcNbXwJpguZ-BJUKVv4FdAJtgA3OGGxEG1g3HIg3sNNgsQB4-iTawg5AagzWkLkOEWfEGFgqvrDKw16F6tYFdAou16Af3kw2MrTOwrfAZeH9oYCHgst7AXgKx2cDGgVuagflCm90V5uXWq_hCzmsDSjHc-8eA8idcrR1QWmGDyx_KzfY_lN-g1fOB0gG2Sx4o9tDrOag8gKszB5VB_aDyFMIjB5VoSEgdVN6H0LRBZSG8um1QWQ6_nhhUesCY-Eh5Byr8hpRqSPMfUtIhfOWQEg2OHw8prrBj3LCSAc0bh5WbsKthWNkL-qZhZS7EWD9WJLRue6x0QGPOY6UFpmf9pXjDnFefKfNhEhtRXCDNfkRJh6r1I8pZcNs4onjBcSumnoTFSUx9DZR2po79P-MotePwKHUob5TK8kepJzMUtRaO5yjqSVDOK6rKVdUcPn9RVb-GiFdVNQaaF6vqTdizVVUz4ZV_qaoBNnao6jaYNZargTDNiat6yOj35Z-DR8887gMH783jBZA4OI8nw4MYP16X6ccbYbDEjz-Fpmn-fGi2P2dz_Hlnpj8fgNlTAnggtHgF8FvwOD6AK8YAXkOBvAGe7g7ktCeQu_wQyD0hXc7nn0KNfRBvALuoIP4CtL4cxDugJTWId4L33SA-D6bODOY-sDo4mCfB7xnB_CHkm4L53ZJgzBbMnTQhfBqUjQ_hVeASG8I94eMPQvg-iEoN4bHQUhzCO-HeNyH8T3inPISngFMv6mHwfgh_Cj85hfKfYZNLKP8Y7PeHcnd4sTiUzwSH_4ZyD3jpfigPgCCIgjRIh3q4DBYDodwOnGAaOLqHcVdYuDqML4aU98N4KhxPCuO1wD8I4xo4tDeMF8LpL8J4IzRnhfHfQHM6jNvCB_VhvPVKGO-As51h_ALoLcL5XLBwCud2EOoTzheCfCucvwlr1oTzzRCxJ5zHwNF94fwEtFeE8wE4syWCX4aKmxH8PJR3RfAaqLSL5PbjIrk75DpE8v_AxSWRvBmu1UXyOzCmJZLbQqZNFM-GpxOiuNlzUTxn9Mu8GOrGvswboQuGYHlMNtX-LZsuwoyV2RQItauwh-KEbKqC9Mps-hQ0p7PJHi5H5FAbOEXmkB4SjDn0PuzKzaEsqM_LoWln8A32tuXQ8IMcGvUwhyqhHrYN4V944_lcWgnLluXSaihYkUsVYFmVS-Pg5x9z6VfwHcmlYLB__TBNgeOfHaZaOJV_mM7BlQuHqR06YBCabfPoJqSOz6NP4PmkPHKGb7Py6Bx81p9HB2C0Yz6Nh0qoh-GAfEoNzafONfl0D2w-zCdnCIJYWHQln96CAzBZLSAvsHcsoCmgn44YXUCzwOGjApoK24sLaB8s-KWAlsM3QYV0Bt5eUEiuCwtpBlRvKaRLsKO6kPaAY1IRzQCvkiIKhnbohlWXiii5vYi2Q7laTORYTBYwzq-YXKB7azE9hP6MYhqBLRXFtBN-qSymPpiqPUI-ML_pCC2CrMyjZHXnKI2HQ91HqRAOPUGE1qdHqQMStCbaADs8TLQHxiwwkQ700SaaC8_FmGga1Mab6CKEbDFRNGz6wkTbob7YRJcho9xEX8MfaSWkbC0h3_MldBIuQmVdCdWDvruEguDgi6VUAE_cSkmdXkpTZ5eSD7gllpIXVKWU0gW4vqGUbsP6olJKg6iqUrr2fSm1Qc7VUiqDnSuO0W7Qv3eMHAJ7aCqUGXuoCtK39NB-yIEyiNjdQ_ojPRQEZk09pIV5P_RSONTc7KUGmO_UR4vALLCPtHDi-z6qge6zfTQAjjV95ApLF9ylOOg7cJcewuSDd8kLdMZ-coIjH_aTsrOfJkDjLHNR7WMuLsFpaS7qQLPUXNjCnm_MRTb4N5iLRrgFarO5sIExHeZCB2s7zYXXI3MRDEsfm4s3wGyiRmhBv0YjmtZqxHWgHRpxL1Mj_oS8_RphgicHNELN0ojKrzTiFJTd0IjHbRqh3EaNlYW4DXKmhYhJQoRnmyyE5WbkUy3EfdBUWAhbSO61EOvB-5GFCIGlEy3FwjmW4jUoMVqKb-HhbkvxF2TssxRfQ3K5pdh8zlLsgENeVqIQbqy0ErsSrUQWbOiwEqzXSmhhxQMrkQjfLdSKSYu0IgCi4csCrTgETUe04ir8cEMrGqG9UysGYHKPVrjB-Uda0QDlT7TiBLw1WSccnHVCddMJc_h5sU64L9UJPzA7pxMTwLdBJ4Ih8Ued2ATH23SiFk55WIsfISbMWkhIibMWqXBoo7XY1GQtLhlsRCucWG8jaiDunzYiAdyu2Ahjs42I_cVWrIRnOjshrO3E6A474QBlXXbCWmOW0bT7hNDebvj3rlETxy6Oe3uNMTbFmLRhsrsxPmHdu0nJnsnvJRnj4pNXGY3rkj1WJr27dp1xbfybXjO9Zun1ei_Pmfo33_P-H1g0fBk&build-label=editors.spreadsheets-frontend_20241112.01_p3&imp-sid=CMWQ1teB9okDFXoMqQEdsEM3Ig&is-cached-offline=false"
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-UhtPv4ADmWpryiN6mEG9pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Reduced
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.ghemassagekaitashi.com
x-xss-protection: 1; mode=block
server: GSE

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 125 B
651 B 11ms
9ms XHR
text/plain 18.143.120.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1731311793243

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.143.120.180 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-143-120-180.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CAMP_ID
LADI_CAMP_TYPE
LADI_CAMP_TARGET_URL
Referer: https://www.ghemassagekaitashi.com/
LADI_CLIENT_ID: 0236ddb6-0f4b-4d16-7b4a-2927f6f4bf17
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_NAME
LADI_CAMP_PAGE_VIEW: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
LADI_CAMP_FORM_SUBMIT: 0
LADI_PAGE_VIEW: 1

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
date: Sun, 24 Nov 2024 22:26:20 GMT
x-xss-protection: 0
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN

GET
H2 200 location.vn.min.js Show response
w.ladicdn.com/v4/source/ 542 KB
128 KB 13ms
4ms Script
text/javascript 13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v4/source/location.vn.min.js?v=1731311793243
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1731311793243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 12be3610fd58ee15db3b7dd23382189d135d3287d9217bf957e2cbb0a7aa1437

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 224675
access-control-allow-methods: GET
expires: Sat, 22 Nov 2025 08:01:45 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: CBGMkjDmTj1eHrNZhoi7xaP2lx5cc2BKQYovMbi9rZuEutvYs5A_bA==
date: Fri, 22 Nov 2024 08:01:45 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

GET
H3 200 965919962046529 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 304ms
304ms Script
application/x-javascript 57.144.144.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/965919962046529?v=next&r=canary&domain=www.ghemassagekaitashi.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C44%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C169%2C142%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C5%2C90%2C81%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin11.fbcdn.net

Software

Resource Hash

0833bf8282df953039a9f96065151eba1cc79d1f3373ca03b25ea7ffeffddcf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Me0ufaNd' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Me0ufaNd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=72, mss=1232, tbw=71827, tp=67, tpl=0, uplat=298, ullat=0
pragma: public
x-fb-debug: TFsenTaoaX52fLCF3Ob4e/cRNbX5c83aa00Et7I6XdMqlZo4YR27gUK5+2IaZtB1mCFCkdDutqL+Kcs5JExOaA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 17ms
4ms Fetch
text/plain 142.251.175.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QWJ7CM8KME&gtm=45je4bk0v9200101292za200&_p=1732487179906&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2109366408.1732487180&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732487180&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&dt=GH%E1%BA%BE%20MASSAGE%20KAITASHI%20KS-112&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=521
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWJ7CM8KME
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ghemassagekaitashi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 main.MWQ3ODVjY2ZhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 344 KB
95 KB 8ms
8ms Script
application/javascript 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE3KJTRC77UAS1JJAR70&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f9fab1dba389fa19212a3c7cf89445cee3f9b26ffc4ff940f4f83668d11e44f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

x-cache: TCP_HIT from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241119140057074B6DD87059611BDC83-32B812B62808E242-00
content-length: 96859
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241119140057074B6DD87059611BDC83
server: nginx
x-akamai-request-id: 8aa5340
x-tt-trace-host: 010f9ff04e0e3489af58ec8fce8e0d75ee03dc4514397e13b8c4a5d0833b3780e0db72f03d462ef17d7dfb4763cb9d363f112ee84303510770960fcf652869b3ad3feffa0acb496e3940d4d04ab16f99fe7b56f1e9aedc799be77c3487c82aa176

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 26ms
26ms Script
application/javascript 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

x-cache: TCP_MEM_HIT from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2411150520387B8A48321EAB4DF0A4EB-4CE2E20F6E68C18C-00
content-length: 39278
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202411150520387B8A48321EAB4DF0A4EB
server: nginx
x-akamai-request-id: 8aa5381
x-tt-trace-host: 0123d2bff4eefdecb25bd190158cc22c1349850cbb7e5d35bf4059011e2b079cfa93ed90cebfb8b286fa564e736802b050aa6e42859093c0c0c827a0e199505d0bee83924fdc6719311056069312c3d5fa288fc31bd44932ba6c1eb76dd8d9dea3

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
879 B 300ms
298ms Ping
text/plain 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.ghemassagekaitashi.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 24 Nov 2024 22:26:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=257, origin; dur=29, inner; dur=21
x-cache: TCP_MISS from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 24 Nov 2024 22:26:20 GMT
x-akamai-request-id: 865c4092.8aa5390
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01919764b5f5c9599352f139a013031a338abac514943fe356ffde37f3dbf02fe6a14cda72f9699a5aec3e850c092521b4c2806ac21e6df6f6b94a9fb37d50ec4356c6f8fe59ada4927511ef4cba0fa14d20f108993639830496e2bfaa55c0e09492600c6dcc131bf4dcd806902cd9bed8
x-origin-response-time: 29,23.48.100.137
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411242226204C24DEECFDFE7CCC9F9B-50EBA46E67CFB242-00
content-length: 0
x-parent-response-time: 279,96.17.180.183
x-tt-logid: 202411242226204C24DEECFDFE7CCC9F9B
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
874 B 252ms
251ms Ping
text/plain 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.ghemassagekaitashi.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-200-72.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 24 Nov 2024 22:26:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=216, origin; dur=22, inner; dur=18
x-cache: TCP_MISS from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 24 Nov 2024 22:26:20 GMT
x-akamai-request-id: 87d6e9c9.8aa5391
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01919764b5f5c9599352f139a013031a338abac514943fe356ffde37f3dbf02fe68d44ae020f211888bf4e8f0b931aaa4b8a3ea95c2f4ebd3bbf679ca1d237231ef764031f529e0f68a7c67a3a4b5529f78297d26032b62bf93f43fc2f80a0008cc61a4b07eae729f5d59a806b01ee916d
x-origin-response-time: 22,23.48.200.72
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241124222620253BB5EBEE9E12C47162-73F084CC7394CF78-00
content-length: 0
x-parent-response-time: 232,96.17.180.183
x-tt-logid: 20241124222620253BB5EBEE9E12C47162
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 16ms
4ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=965919962046529&ev=PageView&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&rl=&if=false&ts=1732487180458&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1732487180456.789934518778601574&ler=empty&cdl=API_unavailable&it=1732487180114&coo=false&uppt=0.1999988555908203&uvpt=0.10000038146972656&ttf=722&bdt=47.39999961853027&bdsize=251140&btsize=63583&brbs=0&cdt=330.20000076293945&cdsize=70454&ctsize=14035&crbs=0&let=15.399999618530273&rqm=GET

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4693, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 247ms
235ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=965919962046529&ev=PageView&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&rl=&if=false&ts=1732487180458&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1732487180456.789934518778601574&ler=empty&cdl=API_unavailable&it=1732487180114&coo=false&uppt=0.1999988555908203&uvpt=0.10000038146972656&ttf=722&bdt=47.39999961853027&bdsize=251140&btsize=63583&brbs=0&cdt=330.20000076293945&cdsize=70454&ctsize=14035&crbs=0&let=15.399999618530273&rqm=FGET

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440975780622550706"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: k5WGnvy/D5cFrfU0oq8yWEPanrmk+sUQBCZ1t/aBOsu9xf6sTF/u3uWOeSfUuE09kz0WfiLqdQJP0kSPP5C9lQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440975780622550706", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=24, mss=1232, tbw=8572, tp=24, tpl=0, uplat=230, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 17ms
5ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=965919962046529&ev=ViewContent&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&rl=&if=false&ts=1732487180460&sw=1600&sh=1200&v=next&r=canary&ec=1&o=4126&fbp=fb.1.1732487180456.789934518778601574&ler=empty&cdl=API_unavailable&it=1732487180114&coo=false&uppt=0&uvpt=0&ttf=723.6000003814697&bdt=47.39999961853027&bdsize=251140&btsize=63583&brbs=0&cdt=330.20000076293945&cdsize=70454&ctsize=14035&crbs=0&let=15.399999618530273&rqm=GET

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5013, tp=16, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 246ms
234ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=965919962046529&ev=ViewContent&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&rl=&if=false&ts=1732487180460&sw=1600&sh=1200&v=next&r=canary&ec=1&o=4126&fbp=fb.1.1732487180456.789934518778601574&ler=empty&cdl=API_unavailable&it=1732487180114&coo=false&uppt=0&uvpt=0&ttf=723.6000003814697&bdt=47.39999961853027&bdsize=251140&btsize=63583&brbs=0&cdt=330.20000076293945&cdsize=70454&ctsize=14035&crbs=0&let=15.399999618530273&rqm=FGET

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440975779324379709"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd2186dfe4093f251","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["8524439027611591"]},"debug_reporting":true,"debug_key":"4540760870188320149"}
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: dVOB5YfVNZuxpuOJ3ds7mkVs1mGmE7VUM0u//YJtfa/jrjlI847dGymgU6IB+pkBwcKC3/7duITMk+51M/uTeg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440975779324379709", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=24, mss=1232, tbw=9452, tp=25, tpl=0, uplat=230, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 18ms
6ms Image
text/plain 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=965919962046529&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&rl=&if=false&ts=1732487180461&sw=1600&sh=1200&v=next&r=canary&ec=2&o=4126&fbp=fb.1.1732487180456.789934518778601574&ler=empty&cdl=API_unavailable&it=1732487180114&coo=false&uppt=0&uvpt=0&ttf=724.7000007629395&bdt=47.39999961853027&bdsize=251140&btsize=63583&brbs=0&cdt=330.20000076293945&cdsize=70454&ctsize=14035&crbs=0&let=15.399999618530273&rqm=GET

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=5125, tp=17, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 245ms
234ms Image
image/png 57.144.144.1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=965919962046529&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&rl=&if=false&ts=1732487180461&sw=1600&sh=1200&v=next&r=canary&ec=2&o=4126&fbp=fb.1.1732487180456.789934518778601574&ler=empty&cdl=API_unavailable&it=1732487180114&coo=false&uppt=0&uvpt=0&ttf=724.7000007629395&bdt=47.39999961853027&bdsize=251140&btsize=63583&brbs=0&cdt=330.20000076293945&cdsize=70454&ctsize=14035&crbs=0&let=15.399999618530273&rqm=FGET

Requested by

Host: www.ghemassagekaitashi.com
URL: https://www.ghemassagekaitashi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.144.1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin11.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440975779584762452"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 9XVx0vrFDbYSAE5tH1OOXamYY7HMTGJlR/siUkaCpNBfwrOkSJuYsQ2ULEAWNWtsYaMQgDy0bWiMu0i+0cxyBg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440975779584762452", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=24, mss=1232, tbw=5388, tp=21, tpl=0, uplat=230, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
874 B 270ms
269ms Ping
text/plain 184.50.85.169
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ3ODVjY2ZhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a184-50-85-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.ghemassagekaitashi.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-200-73.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 24 Nov 2024 22:26:20 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=216, origin; dur=45, inner; dur=41
x-cache: TCP_MISS from a96-17-180-183.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 24 Nov 2024 22:26:20 GMT
x-akamai-request-id: 8b5429fa.8aa5445
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01919764b5f5c9599352f139a013031a338abac514943fe356ffde37f3dbf02fe6521890e8c02fe151191fb92034cf5a87df4e91d57927a62649bc7fec82b041e7df48b319b0a9cad5e89cc855b1c82b44c9c79457656fd57af8e79370624fc6e3aa12c64c2db70b1929c31caf64e360c8
x-origin-response-time: 45,23.48.200.73
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241124222620D49B581AEEFB89AA8310-43E5051064E917F8-00
content-length: 0
x-parent-response-time: 253,96.17.180.183
x-tt-logid: 20241124222620D49B581AEEFB89AA8310
server: nginx

GET
H2

200

441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
w.ladicdn.com/66609339ed4926001234e8f3/
Redirect Chain

https://static.ladipage.net/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
https://w.ladicdn.com/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg

353 KB
300 KB

6ms
5ms

Other
image/jpeg

13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
Protocol: H2
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: bda5285b36ff1d6b1bebe3b9302a0a7d8a491b80f484eb34ef22cfe584a25d48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 850888
access-control-allow-methods: GET
expires: Sat, 15 Nov 2025 02:04:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: lpxaQZAelCfMg-Z9zfz9qSbRNzoVuUNxT9rTEoMLjSPCBGXbgu-VlA==
date: Fri, 15 Nov 2024 02:04:52 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

Redirect headers

location: https://w.ladicdn.com:443/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
content-length: 134
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: text/html
server: awselb/2.0

GET
H2

200

441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
w.ladicdn.com/66609339ed4926001234e8f3/
Redirect Chain

https://static.ladipage.net/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
https://w.ladicdn.com/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg

353 KB
0

0ms
0ms

Other
image/jpeg

13.35.238.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
Protocol: H2
Server: 13.35.238.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-238-29.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: bda5285b36ff1d6b1bebe3b9302a0a7d8a491b80f484eb34ef22cfe584a25d48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

access-control-max-age: 2592000
content-encoding: gzip
age: 850888
access-control-allow-methods: GET
expires: Sat, 15 Nov 2025 02:04:52 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: lpxaQZAelCfMg-Z9zfz9qSbRNzoVuUNxT9rTEoMLjSPCBGXbgu-VlA==
date: Fri, 15 Nov 2024 02:04:52 GMT
content-type: image/jpeg
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cache-control: public, max-age=31536000
access-control-allow-credentials: true
via: 1.1 c9e960a38bdca78bc2199689902e6c2e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P8
server: nginx

Redirect headers

location: https://w.ladicdn.com:443/66609339ed4926001234e8f3/441583701_122095128590339038_3022677313439243344_n-20241115020449-np6qn.jpg
content-length: 134
date: Sun, 24 Nov 2024 22:26:20 GMT
content-type: text/html
server: awselb/2.0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 7ms
6ms Fetch
text/plain 142.251.175.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QWJ7CM8KME&gtm=45je4bk0v9200101292za200&_p=1732487179906&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2109366408.1732487180&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1732487180&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghemassagekaitashi.com%2F&dt=GH%E1%BA%BE%20MASSAGE%20KAITASHI%20KS-112&en=ScrollDepth_25_percent&_ee=1&ep.event_category=LadiPageScrollDepth&ep.event_label=www.ghemassagekaitashi.com%2F&ep.non_interaction=true&_et=4&tfd=5530
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWJ7CM8KME
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.ghemassagekaitashi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.ghemassagekaitashi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 22:26:25 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ghemassagekaitashi.com/	1970-01-21 10:50:47	Name: LADI_DNS_CHECK Value: "2024-11-24 22:26:19.853226652 +0000 UTC m=+2634507.413902884"
www.ghemassagekaitashi.com/	1970-01-21 10:50:47	Name: LADI_CLIENT_ID Value: 0236ddb6-0f4b-4d16-7b4a-2927f6f4bf17
www.ghemassagekaitashi.com/	1970-01-21 10:50:47	Name: LADI_FORM_SUBMIT Value: 0
www.ghemassagekaitashi.com/	1970-01-21 10:50:47	Name: LADI_PAGE_VIEW Value: 1
www.ghemassagekaitashi.com/	1970-01-21 01:16:13	Name: _timenow Value: 1732487180003
www.ghemassagekaitashi.com/	1970-01-21 10:00:23	Name: LADI_UNIQUE_ID Value: 9f6f3878-d2c6-40cb-8a18-185466f729b9
www.ghemassagekaitashi.com/	1970-01-21 10:00:23	Name: LADI_FFD Value: eyJwdiI6eyJlIjoxNzY0MDIzMTgwLCJ2IjoxfX0=
.tiktok.com/	1970-01-21 10:36:23	Name: _ttp Value: 2pJbZTcbYTbsqnpSA0gLkfuNRgj
.ghemassagekaitashi.com/	1970-01-21 10:50:47	Name: _ga Value: GA1.1.2109366408.1732487180
.ghemassagekaitashi.com/	1970-01-21 10:50:47	Name: _ga_QWJ7CM8KME Value: GS1.1.1732487180.1.0.1732487180.0.0.0
.ghemassagekaitashi.com/	1970-01-21 10:36:23	Name: _tt_enable_cookie Value: 1
.ghemassagekaitashi.com/	1970-01-21 10:36:23	Name: _ttp Value: S98IUOy8YGkHMkKF1E7Kic64WqG.tt.1
.ghemassagekaitashi.com/	1970-01-21 03:24:23	Name: _fbp Value: fb.1.1732487180456.789934518778601574

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
analytics.tiktok.com
connect.facebook.net
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
static.ladipage.net
w.ladicdn.com
www.facebook.com
www.ghemassagekaitashi.com
www.google-analytics.com
www.googletagmanager.com
13.228.81.39
13.35.238.29
142.251.175.102
172.253.118.97
18.143.120.180
184.50.85.169
54.151.206.154
57.144.144.1
57.144.144.128
74.125.200.102
74.125.24.95
74.125.68.94
0833bf8282df953039a9f96065151eba1cc79d1f3373ca03b25ea7ffeffddcf6
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
12be3610fd58ee15db3b7dd23382189d135d3287d9217bf957e2cbb0a7aa1437
17fa126bfc847b6b17e95b29180143e025f7a2d5842ac46cb7221e6f367140ab
1aece686ac161180b8b90259b6ddf269cd9ab7a893ca3fd36d2d2d17deaf6be5
1d9320d0a0261ae7d49bd23062b5077f47cdb1a67bae4daa0c7dc34db89ea46f
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
31d66284204ab36bfd0b97ed55fcf8e4bbceafa0a8bd46b71f64db8d0ef9d500
3ab394ddf299b43a8d7fd60d12a1e1650a836e378bb97c46db74cf70c7c84cc2
42fb8115c0b5e9d4b569b4694ccc582b14b1924c115fd65e580a4a6864d9c3ef
4f9fab1dba389fa19212a3c7cf89445cee3f9b26ffc4ff940f4f83668d11e44f
516507425d7f314a4731db8a6848b8d584326bad9cc47dbffa4052faf90de11b
5695ec60ce2144f9d6a79c9af68a914d1a922e13d801aca4e896034b187e305a
5e027f7ddb138eabf032d63c4160b77f389aa4d44375ae8e195dcb08674d67df
6ae27f3935db37745b8fcd6ff99b0e45ba029904d7d8c9564ee6dc84c12c95e1
72b65e50a20885aaaaf1f8f42a67501fe92f8d88659f74c7775e79ff7b92833c
7d9f021cc2bc112fe79b5ce11448b9565ff308bc445840e1ac89babcddc6a516
827de746cd83d2e4e5e1368b7ba0eba402d6d3d7a6ade6a9577cb200f53b7c28
8298d0c3a2ece9dc3d1a2bf3a2b8899158e9e7f996c2179fe8b37a88150d4b7b
8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd
8a5aefbfafc4dea69fd7fae1fb0ec0c9ae027c04db207785418fe1ead633de55
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9dbbaa9e884efd355c99d77730d93cce026c7a39fa50717e87de85b638007a3e
9fe53194fcc3cdd0970fdcd0114496aeeb718a5f2448eeb8de374745f0b8297e
a2af879c9d863ff503ebd89ef251c9d8caa2c8063f097c29e31856e27aca2630
a69274182ba0a73df30bff301fa319d846760b629cc78357b89826ba6d61f110
a836d8318fc395149390a4a878ee66257a24ab9a837f1c4e9734878762fb84fc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af37ac52e94a76baa8c37ef1d5315e6c57ab512c9448cbf85b238ede6ae56b9a
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
bda5285b36ff1d6b1bebe3b9302a0a7d8a491b80f484eb34ef22cfe584a25d48
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
ca28f0f5d3f5076540286bd2d13ba08708f02bc5a1e8b312606ac494cedbe367
cf0bf63462664a05ce7970d2244c0795c49372d8f4f00b70a58fe5e4aa6f5c4b
d5129f52e0bb59972c8b9b6cb2a21d2c7fe2abc533672afc9387b7b66f4ba260
dc05250e2f69c3e2365171dbf05b73d80b4e00aa0ba99a98247a4f273842c2f3
de5cb7ef8257923dfa927fe0c5b33788b19506a2f45e77e22b14845aa7542886
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d5b882c6f3847773ff5660c0bba10cb66481536e0598041d7de63a1a5038a3
fa7e06ce19f28ec02a2dd098b0dc872e8a7f8c956623aaf9204041da8106b1a4
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
fe6fd2c7d5a4e494e81043979b51f02e63cf8f18a536b9ecad9480b87829c596

www.ghemassagekaitashi.com Open in urlscan Pro 13.228.81.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

0 %IPv6

12 Domains

12 Subdomains

12 IPs

3 Countries

1970 kBTransfer

4188 kBSize

13 Cookies

0 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ghemassagekaitashi.com Open in urlscan Pro
13.228.81.39 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

1970 kB
Transfer

4188 kB
Size

13
Cookies

53 HTTP transactions
2 data transactions